After you add your website to Web Application Firewall (WAF), you can use the alert settings feature to configure alerting. After you configure alerting, WAF sends alert notifications in real time when WAF detects attacks and abnormal traffic. This way, you can understand the security posture of your website in real time.

Prerequisites

  • Your website is added to WAF. For more information, see Tutorial.
  • Optional:The Log Service for WAF feature is enabled.

    By default, WAF allows you to configure monitoring and alerting by using Alibaba Cloud CloudMonitor. For more information, see CloudMonitor. In the CloudMonitor console, you can configure monitoring and alerting for WAF-detected attack events and WAF metrics. For more information about WAF metrics, see WAF metrics. If the WAF metrics supported by CloudMonitor cannot meet your requirements, you can use the Log Service for WAF feature to customize more WAF alert settings.

    If the Log Service for WAF feature is disabled, you cannot use the alert settings feature. For more information, see Enable Log Service for WAF.

Background information

WAF integrates CloudMonitor and synchronizes the basic statistics and attack events of your website added to WAF to CloudMonitor. Then, CloudMonitor sends system alerts and alerts on the attack events. You can customize notification and handling methods for different types of events. This way, you can implement comprehensive and effective O&M on a daily basis.

Procedure

  1. Log on to the Web Application Firewall console.
  2. In the top navigation bar, select the resource group and region to which the WAF instance belongs. The region can be Mainland China or International.
  3. In the left-side navigation pane, choose System Management > Alarm Settings.
  4. On the Alarm Settings page, configure notification methods based on event types. Alarm Settings page